I've hosted several malware analysis workshops over the past few years, I've collected those on YouTube and added to the following playlist 👇 youtube.com/playlist?list=… Samples from the workshops have been archived on Github: 👉 github.com/jstrosch/malwa…

Lnav : visualisation de logs Open Source permettant de parcourir et d'analyser vos logs dans une interface conviviale en CLI. Permet la coloration syntaxique, l'agrégation de logs et des requêtes SQL pour le diagnostic et le dépannage des applications. -> lnav.org

New open source OCR model just dropped! This one by Microsoft features the best text recognition I've seen in any open model and performs admirably on handwriting. It also handles a diverse range of vision tasks. You can play with it here: huggingface.co/spaces/gokaygo…

I am one again reminding people that if you are creating a Windows 11 installer, use Rufus - You can bypass the RAM, Secure Boot and TPM requirements - You can remove the requirement for a Microsoft account - Disable automatic encryption - Auto-create account and more

📚 New chapter in Trail of Bits' Testing Guide: Burp Suite Step-by-step guide to rapidly master @portswigger's Burp Suite ➡️ Using Burp Repeater, Intruder, and Collaborator, ➡️ Useful plugins ➡️ Best practices ➡️ Burp features to find specific vulns blog.trailofbits.com/2024/06/14/ann…

#GitHub actions #exploitation series by Synacktiv synacktiv.com/en/publication… synacktiv.com/en/publication…

Un vieux sketch des inconnus qui n’a pas pris une ride 👇

Our team collaborated with Eamon Javers and the video team on this digital documentary premiering now: Putin's Trader: How Russian hackers stole millions from U.S. investors ⁦⁦Paige Tortorelli⁩ ⁦@CNBCBria⁩ ⁦Jeniece Pettitt⁩ cnbc.com/2024/08/01/put…

In our brand new documentary “Putin’s Trader,” which is out today, this former Russian spy tells me attacks on Wall Street and American companies are a deliberate part of Vladimir Putin’s agenda.

#Concours gagne cette antenne #CC1101 pour ton #FlipperZero pour cela RT + Follow. Réservé UE et France (Métro + DOM-TOM) TAJ : 31/08/2024 Plus de chance en participant aussi sur instagram.com/kanjian_fr/ Règlement : kanjian.fr/concours-cc110… #DIY #Hack #hacking

Buttercup (the Trail of Bits CRS) scores the FIRST POINT in the AIxCC! Let's GOOOO! x.com/trailofbits/st…

After two years of hard work with Damien Cauquil (@[email protected]) , we are proud to release for DEFCON32 the first public version of WHAD, a whole new ecosystem of opensource libs, tools & firmwares for wireless security ! The main repo is here: github.com/whad-team/whad… . And now, demo time ! [1/n]

If you want to have more than intuition about how the #transformer #architecture is ruling the #LLM world, you should really consider this "Transformer Explainer" resource, it's master class👏 And it's running directly in browser! poloclub.github.io/transformer-ex…

Damn, a chinese variant (FM11RF08S) of MIFARE Classic cards are found to be backdoored by the manufacturer! Special auth commands leak (static) encrypted nonces which can then be used to recover sector keys and dump the card. They’ve already released- eprint.iacr.org/2024/1275.pdf

vulnerable-AD-plus: Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab github.com/WaterExecution…

Ever wonder what it takes to bring a fantasy world to life?.. This thread will show you how movies pull off their epic feats 1. The first Star Wars trilogy used so detailed paintings as backgrounds in the movies that they tricked everybody

SSRF: A complete guide to exploiting advanced SSRF vulnerabilities -- blog.intigriti.com/hacking-tools/…

Every enterprise SaaS salesperson after leaving the Zoom

Security training is often considered a waste of time. 10 essential techniques from Google Cloud CISO Phil Venables on what leading organizations are doing. 🗒 The Techniques 1. Computer Based Training (if you have to do it then do it better) 2. Ambient Controls (Solutions

This is wild. Nvidia just casually dropped 70B model that beats GPT-4o and Claude 3.5 Sonnet. And it's open source. Here's how to try it for free: